INTERNATIONAL GENERAL INSURANCE HOLDINGS LIMITED'S PRIVACY NOTICE
Introduction and background
We recognize that you have rights as a ‘data subject’, and that we have an obligation to uphold these.
This Privacy Notice aims to outline how we maintain these rights. In particular, it outlines:
- How we collect and process your information
- Why we do this
- How you can exercise your rights;
- Who to contact in the event you’re unhappy with our performance.
Your information rights
Right to be informed
|This encompasses the obligation for us to be transparent in how we collect and use your personal data.|
Right of access
|You have the right to access your personal data and supplementary information.|
Right to rectification
|If the information we hold on you is inaccurate or incomplete, you can request we correct this.|
Right to erasure
|You can request we delete or remove personal data where there is no compelling reason us to continue processing|
Right to restrict processing
|You have the right to request we cease processing your data, if:
Right to data portability
|Where you have consented to our processing your data, or where the processing is necessary for us to deliver a contract, you can request a copy of that data be provided to a third party in electronic form.|
Right to object
|You have the right to object to our processing under certain circumstances.
This Privacy Notice should outline how we are transparent in our processing. Please get in touch with us through the ‘contact details’ section to find out more or to exercise your information rights.
Please find in the following link Data Protection Policy under Appendix 1.
We may pass your personal data on to third-party service providers contracted with IGI in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the legitimate reasons they were obtained for originally. When they no longer need your data, they will dispose of IGI’s procedures as set out in the contracts signed with them. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
Data transfers out of the EEA: The data we receive may be sent to countries outside the European Economic Area (EEA). When they do, there will be a contract in place to make sure the recipient protects the data to the same standard as the EEA. This may include following international frameworks for making data sharing secure.
IGI retains information in accordance with our data retention requirements. We may keep such information for up to 10 years in accordance with regulatory requirements. If you object to this retention, please contact us – details provided in the ‘Contact’ section.
International General Insurance Group places great importance on the security of all personally identifiable information associated with our customers. We have security measures in place to attempt to protect against the loss, misuse and alteration of customer data under our control. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this through implementing the following:
- IGI has achieved the Cyber Essentials accreditation;
- IT Security Policy and Procedures;
- IT Risk and Control Register;
- User login and accounts control, password complexity/history controls, patching, regular security updates for servers, network appliances and user machines;
- Physical protection of IGI Data Center and workplace, in addition to environmental monitoring and notification system;
- Latest generations of network firewalls with secure connection between IGI offices, network segmentations and DMZ network for internet facing services;
- Antivirus and E-mail protection system;
- Data classification and labeling;
- Removable storage blocking for user PCs;
- Hardware and software Vendor SLAs, signed NDA when required;
- Security Penetration testing and venerability assessment by a third party; and
- Backup data encryption.
We may collect non-personal information about you such as the type of internet browsers you use or the Website from which you linked to our Website. You cannot be identified from this information and it is only used to assist us in providing an effective service on this Website. We may disclose aggregate statistics about our Website users to prospective partners, advertisers and other reputable third parties, but these statistics will include no personally identifying information.
Below is a full list of the cookies used by IGI along with a description of what they are used for. Where a cookie is a third party cookie, visit the providers’ website for more information.
_ga / _gid / _gat
· Determine which domain to measure;
· Distinguish unique users;
· Remember the number and time of previous visits;
· Remember traffic source information;
· Determine the start and end of a session; and
· Remember the value of visitor-level custom variables.
|This cookie is associated with the Add This social sharing widget which is commonly embedded in websites to enable visitors to share content with a range of networking and sharing platforms. It stores an updated page share count.|
|Used as an antiforgery token to protect form data.|
Personal Data Breach
With regard to Personal Data Breach caused by IGI, IGI shall:
- In accordance with GDPR Article 33 and 34, (i) notify you without undue delay in the event of any Personal Data Breach involving Personal Data and (ii) provide reasonable assistance to you when you are required to communicate a Personal Data Breach to a Data Subject.
- Use reasonable efforts to identify the cause of such Personal Data Breach and take those steps as IGI deems reasonably practicable in order to remediate the cause of such Personal Data Breach.
- Provide reasonable assistance and cooperation as requested in the furtherance of any correction or remediation of any Personal Data Breach.
In the event that you wish to make a complaint about how your personal data is being processed by IGI (or third parties as described in our Data Protection Policy), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and IGI’s Data Compliance Officer (DCO) at Data.Privacy@iginsure.com.
We recognize that you may have questions on how we process and/or store your data, or may want to change either the data we hold on you or how we communicate with you in the future.
If you have given consent for processing, you are free to withdraw that consent. To do so, please contact the DCO at Data.Privacy@iginsure.com.
If you have any questions in respect of this Notice, or would like to exercise your rights as a data subject (for example, to correct data or to exercise your right to access) please contact the DCO at Data.Privacy@iginsure.com.
If you are unhappy that we have responded to your query adequately, or if you have a further complaint, The Information Commissioner’s Office can be contacted on 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers). If you're calling from outside the UK, you may not be able to use the 03 number, so please call +44 1625 545 700.
This Website contains links to other Websites and you may have linked to this Website from another Website. We are not responsible for the Privacy Notice or the content of such Websites. Other associated Websites to International General Insurance Holdings Ltd may contain a Privacy Notice that is different from this Privacy Notice. This Privacy Notice relates to this Website only. When visiting other associated Websites please make sure that you read their Privacy Notices so that you can understand what personal information will be collected through or in relation to that Website and for what purposes.